CVE-2026-6350
Deferred Deferred - Pending Action

Stack-Based Buffer Overflow in MailGates Enables Remote Code Execution

Vulnerability report for CVE-2026-6350, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-04-16

Last updated on: 2026-05-19

Assigner: TWCERT/CC

Description

MailGates/MailAudit developed by Openfind has a Stack-based Buffer Overflow vulnerability, allowing unauthenticated remote attackers to control the program's execution flow and execute arbitrary code.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-04-16
Last Modified
2026-05-19
Generated
2026-07-06
AI Q&A
2026-04-17
EPSS Evaluated
2026-07-05
NVD
EUVD

Affected Vendors & Products

Showing 2 associated CPEs
Vendor Product Version / Range
openfind mailgates to 5.2.10.099 (exc)
openfind mailgates to 6.1.10.054 (exc)

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-121 A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function).

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Detection Guidance

The CVE-2026-6350 vulnerability affects MailGates/MailAudit versions prior to 6.1.10.054 (for 6.0 series) and prior to 5.2.10.099 (for 5.0 series). Detection primarily involves identifying the installed version of MailGates/MailAudit on your system.

To detect if your system is vulnerable, you can check the installed version of MailGates/MailAudit by running commands that query the software version. For example, if the software provides a command-line interface, you might use commands like:

  • mailgates --version
  • mailaudit --version

If these commands are not available, you may check the version via package management tools or by inspecting the software's installation directory or documentation.

Since this vulnerability allows unauthenticated remote exploitation, monitoring network traffic for suspicious activity targeting MailGates/MailAudit services could also help detect exploitation attempts, but specific detection commands or signatures are not provided in the available resources.

The recommended mitigation is to update MailGates/MailAudit to version 6.1.10.054 or later for the 6.0 series, or 5.2.10.099 or later for the 5.0 series.

Executive Summary

CVE-2026-6350 is a critical stack-based buffer overflow vulnerability in Openfind's MailGates/MailAudit software versions prior to 6.1.10.054 (6.0 series) and 5.2.10.099 (5.0 series).

This vulnerability allows unauthenticated remote attackers to manipulate the program's execution flow and execute arbitrary code on the affected system.

Impact Analysis

An attacker exploiting this vulnerability can gain control over the affected MailGates/MailAudit program's execution, potentially allowing them to run arbitrary code remotely without any authentication.

This can lead to full compromise of the system running the vulnerable software, including unauthorized access, data theft, or disruption of services.

Mitigation Strategies

To mitigate the CVE-2026-6350 vulnerability, you should update MailGates/MailAudit to a secure version.

  • For MailGates/MailAudit 6.0 series, update to version 6.1.10.054 or later.
  • For MailGates/MailAudit 5.0 series, update to version 5.2.10.099 or later.

These updates address the critical stack-based buffer overflow vulnerability that allows unauthenticated remote attackers to execute arbitrary code.

Compliance Impact

The provided information does not specify how the CVE-2026-6350 vulnerability affects compliance with common standards and regulations such as GDPR or HIPAA.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-6350. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart